Major security flaw means your Wi-Fi could be hacked

18 October 2017, 12:23 | Myrtle Hill

Protocol-level security flaws in WPA2 may affect ALL Wi-Fi devices!

Wi-fi symbol made out of clouds

Hackers can exploit this vulnerability to steal your credit card numbers, passwords, emails, photos, and more.

While Windows users were dutifully installing October 10th's Patch Tuesday security updates, little did they know they were also installing a fix for the KRACK vulnerability that was not publicly disclosed until today.

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol.

Finnish security firm F-Secure said experts have always been cautious about Wi-Fi's ability to withstand security challenges of the 21st century.

Belgian researcher Mathy Vanhoef revealed in a paper, titled "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2", that if a certain step of the WPA2 protocol was repeated, it would cause the network to reuse what should be a one-time encryption key to encode the data stream. The attacker can use this technique to read information that was previously assumed to be safely encrypted.

Iraqi forces enter Kirkuk as Kurds flee
U.S. officials said they were "engaged with all parties in Iraq to de-escalate tension". Before 2014, the Iraqi government extracted and exported oil from Kirkuk's fields.

Sask. Premier Brad Wall rips Ottawa over Energy East cancellation
We got a lot of other things on the go. "This is an important day in the fight against climate change in Canada". Governments need to step up with a plan to assist oil sands workers in transitioning into clean energy jobs".

Stanton comes up short of 60 homers
The victor will advance to play the Los Angeles Dodgers in the NL Division Series beginning on Friday in Los Angeles. Norichika Aoki had one hit in four at-bats in the New York Mets' 11-0 loss to the Philadelphia Phillies .

Also, with a usage of smart devices, users should check for the latest firmware updates that have been made available.

The group says the problem can be resolved through straightforward software updates. "There is no evidence that the vulnerability has been exploited maliciously", the organization added. Several wireless AP vendors already have patches available for installation. But if you're using Windows, you're all set: Microsoft already issued a patch that fixes the flaw. "Customers who apply the update, or have automatic updates enabled, will be protected", a representative of Microsoft told The Verge. The Consumerist, which notes that "basically every device on earth" is affected, says users should also install security updates on any connected devices as soon as prompted.

KRACK requires the hacker to be in range of a target's Wi-Fi, so it can't be done remotely. It is expected that nearly all manufacturers will roll out updates for routers that are now in use with consumers-you will just need to keep an eye out for those on the website of your router's manufacturer-there are different installation and update processes for different router types. After all, if you're sharing a public Wi-Fi network with tens or hundreds of other strangers, you're likely more vulnerable than you are in the privacy of your home.

This padlock will appear on all HTTPS sites. "Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together", the statement said. Apple, Android and Windows software are all susceptible to some version of the vulnerability, which is not fixed by changing Wi-Fi passwords.



Other News

Trending Now

Duchess Kate gives it a twirl with dancing bear Paddington
Hold on to your proverbial hats: Prince William and Kate Middleton have announced the due date for their third royal baby. The new baby will be the fifth in line to the throne, with Prince Harry - the child's uncle - being pushed into sixth.

PM inaugurates first AIIMS like Ayurveda Institute
PM Modi said that Ayurveda is not just a medical practice, but encompasses public health and environment health as well. He said the time had come for a "health revolution" under the aegis of the traditional medicine system.

Tejas train food lands 25 passengers in hospital
The train, that was travelling to Mumbai from Goa had to be halted when passengers started feeling uneasy after having breakfast. Ambulances were requisitioned and they were admitted to a local hospital and are under observation, IRCTC stated.

Mogadishu truck bomb: Blast in Somali capital kills at least 20
The explosion was followed by gunfire between security forces and armed men around and inside the popular Safari Hotel. The militants are fighting the Somali military and over 20,000 African Union forces in the country.

Shanghai Masters: Nadal grinds out tough win over Dmitrov
Dimitrov sensed another opportunity in the fifth game of the third set, but Nadal survived the break point. A relieved Nadal looked up to the heavens and raised his arms at the end.

Twenty20 series decider abandoned due to wet outfield in Hyderabad
IST: No toss yet, Umpires to inspect pitch at 19.45 IST. "The outfield was quite unsafe and that's why they made the call". The city has been receiving good rainfall nearly on a daily basis for about a week, throwing normal life out of gear.

Tillerson 'Moron' Comment Followed Trump's Call for Massive Nuclear Buildup
Tillerson scores 120, while Trump's is just a crudely done kid's drawing of the president in a truck. Tillerson addressed the story last week that also stated he was close to resigning last summer.

Iwobi scores as Arsenal beat Brighton on Wenger's 21st anniversary
Nigerian worldwide Alex Iwobi should score at least 10 goals for English Premier League (EPL) giants Arsenal FC. As expected Arsenal came away with their sixth home win of the season after beating Brighton 2-0 yesterday.

'Sonic the Hedgehog' movie zooms to Paramount
Deadpool director Tim Miller and Toby Ascher are the executive producers, while Blur Studio's Jeff Fowler will direct the film. A hybrid CG-animated/live-action feature, the movie will be written by Patrick Casey and Josh Miller and produced by Neal H.

Maria moves off, but what's next?
Hurricane Maria is expected to cause rough seas and surf throughout the east coast, but especially near the Outer Banks. The National Hurricane Center forecast is for the storm to turn to the northeast and head out to sea overnight.